<?php
    $admin_user =   $_POST['admin_user'];
    $admin_pass =   MD5($_POST['admin_pass']);

    include "db_connect.php";
    //$find = "select * from `admins` where `username` = mysql_real_escape_string($admin_user) and `password` = '$admin_pass' ";
    $find = "select * from `admins` where `username` = '$admin_user' and `password` = '$admin_pass' ";
    $result = mysql_query($find);
    $display = mysql_fetch_assoc($result);
        

    if (mysql_num_rows($result) > 0)
        {
        session_start();
        $_SESSION['is_loggedin']    = "yes";
        $_SESSION['username']       = $admin_user;
        $_SESSION['name']           = $display['name'];
        $_SESSION['user_id']        = $display['id'];
            header("location:../admin.php");
        }
    else
        header("location:../admin_login.php");
?>